/** * Prepares a set of conditions to select fields against. * * @param array $conditions List of conditions. * @param array $fetchOptions The fetch options that have been provided. May be edited if criteria requires. * * @return string Criteria as SQL for where clause */ public function prepareUserFieldConditions(array $conditions, array &$fetchOptions) { $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['display_group'])) { $sqlConditions[] = 'user_field.display_group = ' . $db->quote($conditions['display_group']); } if (!empty($conditions['profileView'])) { $sqlConditions[] = 'user_field.display_group <> \'preferences\' AND user_field.viewable_profile = 1'; } if (!empty($conditions['messageView'])) { $sqlConditions[] = 'user_field.display_group <> \'preferences\' AND user_field.viewable_message = 1'; } if (!empty($conditions['registration'])) { $sqlConditions[] = 'user_field.required = 1 OR user_field.show_registration = 1'; } if (isset($conditions['moderator_editable'])) { $sqlConditions[] = 'user_field.moderator_editable = ' . ($conditions['moderator_editable'] ? 1 : 0); } if (!empty($conditions['adminQuickSearch'])) { $searchStringSql = 'CONVERT(user_field.field_id USING utf8) LIKE ' . XenForo_Db::quoteLike($conditions['adminQuickSearch']['searchText'], 'lr'); if (!empty($conditions['adminQuickSearch']['phraseMatches'])) { $sqlConditions[] = '(' . $searchStringSql . ' OR CONVERT(user_field.field_id USING utf8) IN (' . $db->quote($conditions['adminQuickSearch']['phraseMatches']) . '))'; } else { $sqlConditions[] = $searchStringSql; } } return $this->getConditionsForClause($sqlConditions); }
/** * Prepares conditions for searching templates. Often, this search will * be done on an effective template set (using the map). Some conditions * may require this. * * @param array $conditions * @param array $fetchOptions * * @return string SQL conditions */ public function prepareTemplateConditions(array $conditions, array &$fetchOptions) { $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['title'])) { if (is_array($conditions['title'])) { $sqlConditions[] = 'template.title LIKE ' . XenForo_Db::quoteLike($conditions['title'][0], $conditions['title'][1], $db); } else { $sqlConditions[] = 'template.title LIKE ' . XenForo_Db::quoteLike($conditions['title'], 'lr', $db); } } if (!empty($conditions['template'])) { if (is_array($conditions['template'])) { $sqlConditions[] = 'template.template LIKE ' . XenForo_Db::quoteLike($conditions['template'][0], $conditions['phrase_text'][1], $db); } else { $sqlConditions[] = 'template.template LIKE ' . XenForo_Db::quoteLike($conditions['template'], 'lr', $db); } } if (!empty($conditions['template_state'])) { $stateIf = 'IF(template.style_id = 0, \'default\', IF(template.style_id = template_map.style_id, \'custom\', \'inherited\'))'; if (is_array($conditions['template_state'])) { $sqlConditions[] = $stateIf . ' IN (' . $db->quote($conditions['template_state']) . ')'; } else { $sqlConditions[] = $stateIf . ' = ' . $db->quote($conditions['template_state']); } } return $this->getConditionsForClause($sqlConditions); }
/** * * @see XenResource_Model_Resource::prepareResourceFetchOptions() */ public function prepareResourceFetchOptions(array $fetchOptions) { $resourceFetchOptions = parent::prepareResourceFetchOptions($fetchOptions); $db = $this->_getDb(); if (!empty($fetchOptions['order'])) { if (strlen($fetchOptions['order']) > strlen('custom_field_') && substr($fetchOptions['order'], 0, strlen('custom_field_')) == 'custom_field_') { $customFieldId = substr($fetchOptions['order'], strlen('custom_field_')); $fetchOptions['customFields'][$customFieldId] = true; } } if (!empty($fetchOptions['customFields']) && is_array($fetchOptions['customFields'])) { foreach ($fetchOptions['customFields'] as $customFieldId => $value) { if ($value === '' || is_array($value) && !$value) { continue; } $isExact = !empty($fetchOptions['customFieldsExact'][$customFieldId]); $customFieldId = preg_replace('/[^a-z0-9_]/i', '', $customFieldId); $resourceFetchOptions['selectFields'] .= ", resource_field_value_{$customFieldId}.field_value AS custom_field_{$customFieldId}"; if ($value === true) { $resourceFetchOptions['joinTables'] .= "\n LEFT JOIN xf_resource_field_value AS resource_field_value_{$customFieldId} ON\n (resource_field_value_{$customFieldId}.resource_id = resource.resource_id\n AND resource_field_value_{$customFieldId}.field_id = " . $this->_getDb()->quote($customFieldId) . ")"; } else { $possibleValues = array(); foreach ((array) $value as $possible) { if ($isExact) { $possibleValues[] = "resource_field_value_{$customFieldId}.field_value = " . $this->_getDb()->quote($possible); } else { $possibleValues[] = "resource_field_value_{$customFieldId}.field_value LIKE " . XenForo_Db::quoteLike($possible, 'lr'); } } $resourceFetchOptions['joinTables'] .= "\n INNER JOIN xf_resource_field_value AS resource_field_value_{$customFieldId} ON\n (resource_field_value_{$customFieldId}.resource_id = resource.resource_id\n AND resource_field_value_{$customFieldId}.field_id = " . $this->_getDb()->quote($customFieldId) . "\n\t\t\t\t\t\tAND (" . implode(' OR ', $possibleValues) . "))"; } } } return $resourceFetchOptions; }
/** * Return results for admin quick search * * @param string Keywords for which to search * * @return array */ public function getLanguagesForAdminQuickSearch($searchText) { return $this->fetchAllKeyed(' SELECT * FROM xf_language WHERE title LIKE ' . XenForo_Db::quoteLike($searchText, 'lr', $this->_getDb()) . ' ORDER BY title ', 'language_id'); }
public static function verifyPosition(&$positions, XenForo_DataWriter $dw, $fieldName = false) { $positions = trim($positions); if (empty($positions)) { $dw->error(new XenForo_Phrase('wf_position_can_not_be_empty'), $fieldName); } if ('all' == $positions) { return true; } /** @var XenForo_Model_Template $templateModel */ $templateModel = $dw->getModelFromCache('XenForo_Model_Template'); $db = XenForo_Application::getDb(); $positionsArray = explode(',', $positions); $positionsGood = array(); $templateForHooks = array(); foreach ($positionsArray as $position) { $position = trim($position); if (empty($position)) { continue; } if (in_array($position, array('wf_widget_page', 'hook:wf_widget_page_contents'), true) and !$dw->get('widget_page_id')) { $dw->error(new XenForo_Phrase('wf_position_x_requires_widget_page', array('position' => $position)), $fieldName); return false; } if (in_array($position, array('wf_widget_ajax'), true)) { $dw->error(new XenForo_Phrase('wf_invalid_position_x', array('position' => $position)), $fieldName); return false; } // sondh@2012-08-25 // added support for hook:hook_name if (substr($position, 0, 5) == 'hook:') { // accept all kind of hooks, just need to get parent templates for them $templates = $db->fetchAll("\n\t\t\t\t\tSELECT title\n\t\t\t\t\tFROM `xf_template_compiled`\n\t\t\t\t\tWHERE template_compiled LIKE " . XenForo_Db::quoteLike('callTemplateHook(\'' . substr($position, 5) . '\',', 'lr') . "\n\t\t\t\t"); if (count($templates) > 0) { $templateForHooks[$position] = array(); foreach ($templates as $template) { $templateForHooks[$position][] = $template['title']; } $templateForHooks[$position] = array_unique($templateForHooks[$position]); } else { $dw->error(new XenForo_Phrase('wf_non_existent_hook_x', array('hook' => substr($position, 5))), $fieldName); return false; } } elseif (!$templateModel->getTemplateInStyleByTitle($position)) { $dw->error(new XenForo_Phrase('wf_invalid_position_x', array('position' => $position)), $fieldName); return false; } $positionsGood[] = $position; } $dw->setExtraData(WidgetFramework_DataWriter_Widget::EXTRA_DATA_TEMPLATE_FOR_HOOKS, $templateForHooks); asort($positionsGood); $positions = implode(', ', $positionsGood); return true; }
/** * Prepares a collection of link proxy fetching related conditions into an SQL clause * * @param array $conditions List of conditions * @param array $fetchOptions Modifiable set of fetch options (may have joins pushed on to it) * * @return string SQL clause (at least 1=1) */ public function prepareLinkProxyConditions(array $conditions, array &$fetchOptions) { $sqlConditions = array(); $db = $this->_getDb(); if (!empty($conditions['url'])) { if (is_array($conditions['url'])) { $sqlConditions[] = 'link_proxy.url LIKE ' . XenForo_Db::quoteLike($conditions['url'][0], $conditions['url'][1], $db); } else { $sqlConditions[] = 'link_proxy.url LIKE ' . XenForo_Db::quoteLike($conditions['url'], 'lr', $db); } } return $this->getConditionsForClause($sqlConditions); }
public function prepareTermConditions(array $conditions, array &$fetchOptions) { $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['value'])) { if (is_array($conditions['value'])) { $sqlConditions[] = 'terms.value LIKE ' . XenForo_Db::quoteLike($conditions['value'][0], $conditions['value'][1], $db); } else { $sqlConditions[] = 'terms.value LIKE ' . XenForo_Db::quoteLike($conditions['value'], 'lr', $db); } } return $this->getConditionsForClause($sqlConditions); }
/** * Gets promotions matching the specified conditions. * * @param array $conditions * * @return array [promotion id] => info */ public function getPromotions(array $conditions = array()) { $sqlConditions = array(); if (isset($conditions['active'])) { $sqlConditions[] = 'promotion.active = ' . ($conditions['active'] ? 1 : 0); } if (isset($conditions['adminQuickSearch'])) { $sqlConditions[] = 'promotion.title LIKE ' . XenForo_Db::quoteLike($conditions['adminQuickSearch'], 'lr', $this->_getDb()); } $whereClause = $this->getConditionsForClause($sqlConditions); return $this->fetchAllKeyed(' SELECT promotion.* FROM xf_user_group_promotion AS promotion WHERE ' . $whereClause . ' ORDER BY promotion.title ', 'promotion_id'); }
/** * Prepares a set of conditions to select fields against. * * @param array $conditions List of conditions. * @param array $fetchOptions The fetch options that have been provided. May * be edited if criteria requires. * * @return string Criteria as SQL for where clause */ public function prepareResourceFieldConditions(array $conditions, array &$fetchOptions) { $db = $this->_getDb(); $sqlConditions = array(); if (isset($conditions['field_ids'])) { $sqlConditions[] = 'field.field_id IN(' . $db->quote($conditions['field_ids']) . ')'; } if (!empty($conditions['field_group_id'])) { $sqlConditions[] = 'field.field_group_id = ' . $db->quote($conditions['field_group_id']); } if (!empty($conditions['field_choices_class_id'])) { $sqlConditions[] = 'field.field_choices_class_id = ' . $db->quote($conditions['field_choices_class_id']); } if (!empty($conditions['addon_id'])) { $sqlConditions[] = 'field.addon_id = ' . $db->quote($conditions['addon_id']); } if (!empty($conditions['active'])) { $sqlConditions[] = 'addon.active = 1 OR field.addon_id = \'\''; $this->addFetchOptionJoin($fetchOptions, self::FETCH_ADDON); } if (!empty($conditions['adminQuickSearch'])) { $searchStringSql = 'field.field_id LIKE ' . XenForo_Db::quoteLike($conditions['adminQuickSearch']['searchText'], 'lr'); if (!empty($conditions['adminQuickSearch']['phraseMatches'])) { $sqlConditions[] = '(' . $searchStringSql . ' OR field.field_id IN (' . $db->quote($conditions['adminQuickSearch']['phraseMatches']) . '))'; } else { $sqlConditions[] = $searchStringSql; } } if (isset($conditions['resource_category_id'])) { if (is_array($conditions['resource_category_id'])) { $sqlConditions[] = 'rcf.resource_category_id IN (' . $db->quote($conditions['resource_category_id']) . ')'; } else { $sqlConditions[] = 'rcf.resource_category_id = ' . $db->quote($conditions['resource_category_id']); } $this->addFetchOptionJoin($fetchOptions, self::FETCH_CATEGORY_FIELD); } if (isset($conditions['resource_category_ids'])) { $sqlConditions[] = 'rcf.resource_category_id IN(' . $db->quote($conditions['resource_category_ids']) . ')'; $this->addFetchOptionJoin($fetchOptions, self::FETCH_CATEGORY_FIELD); } if (!empty($conditions['informationView'])) { $sqlConditions[] = 'field.viewable_information = 1'; } return $this->getConditionsForClause($sqlConditions); }
/** * Searches phrases for the given search text, when the phrase title * matches constraints set by $phraseConditions, then returns those * results in groups according to the title constraint they matched. * * @param string $searchText * @param array $phraseConditions [type => [like => SQL Like string, regex => regex match]] * @param array $viewingUser * * @return array */ protected function _getPhraseMatches($searchText, array $phraseConditions) { $db = $this->_getDb(); // build the title constraints $titleConditions = array(); foreach ($phraseConditions as $searchType => $phraseCondition) { if ($phraseCondition) { $titleConditions[$searchType] = 'title LIKE ' . $phraseCondition['like']; } } // there were no title constraints, so bypass all the heavy lifting if (!$titleConditions) { // build an array that looks like we did all the stuff below but found nothing return array_fill_keys(array_keys($phraseConditions), array()); } // get the ID of the language within which to search $languageId = XenForo_Visitor::getInstance()->language_id; if (!$languageId) { $languageId = XenForo_Application::get('options')->defaultLanguageId; } $phraseIds = $db->fetchCol(' SELECT title FROM xf_phrase_compiled WHERE language_id = ? AND phrase_text LIKE ' . XenForo_Db::quoteLike($searchText, 'lr', $db) . ' AND ( ' . implode(' OR ', $titleConditions) . ' ) ', $languageId); // Divide the found phrases into groups using the phrase condition regexes $phrases = array(); foreach ($phraseConditions as $searchType => $phraseCondition) { $phrases[$searchType] = array(); if ($phraseCondition) { foreach ($phraseIds as $i => $phraseId) { if (preg_match($phraseCondition['regex'], $phraseId, $match)) { $phrases[$searchType][] = $match[1]; unset($phraseIds[$i]); } } } } return $phrases; }
/** * Prepares a collection of forum fetching related conditions into an SQL clause * * @param array $conditions List of conditions * @param array $fetchOptions Modifiable set of fetch options (may have joins pushed on to it) * * @return string SQL clause (at least 1=1) */ public function prepareForumConditions(array $conditions, array &$fetchOptions) { $parentConditions = parent::prepareForumConditions($conditions, $fetchOptions); $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['title'])) { if (is_array($conditions['title'])) { $sqlConditions[] = 'node.title LIKE ' . XenForo_Db::quoteLike($conditions['title'][0], $conditions['title'][1], $db); } else { $sqlConditions[] = 'node.title LIKE ' . XenForo_Db::quoteLike($conditions['title'], 'lr', $db); } } if ($parentConditions != '1=1') { return $parentConditions; } else { return $this->getConditionsForClause($sqlConditions); } }
/** * Prepares a set of conditions to select fields against. * * @param array $conditions List of conditions. * @param array $fetchOptions The fetch options that have been provided. May be edited if criteria requires. * * @return string Criteria as SQL for where clause */ public function prepareGalleryFieldConditions(array $conditions, array &$fetchOptions) { $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['display_group'])) { $sqlConditions[] = 'field.display_group = ' . $db->quote($conditions['display_group']); } if (!empty($conditions['adminQuickSearch'])) { $searchStringSql = 'CONVERT(field.field_id USING utf8) LIKE ' . XenForo_Db::quoteLike($conditions['adminQuickSearch']['searchText'], 'lr'); if (!empty($conditions['adminQuickSearch']['phraseMatches'])) { $sqlConditions[] = '(' . $searchStringSql . ' OR CONVERT(field.field_id USING utf8) IN (' . $db->quote($conditions['adminQuickSearch']['phraseMatches']) . '))'; } else { $sqlConditions[] = $searchStringSql; } } if (isset($conditions['display_add_media'])) { $sqlConditions[] = 'field.display_add_media = ' . $db->quote($conditions['display_add_media']); } return $this->getConditionsForClause($sqlConditions); }
public function validateConfiguration(array &$config) { $errors = array(); $config['db']['prefix'] = preg_replace('/[^a-z0-9_]/i', '', $config['db']['prefix']); try { $db = Zend_Db::factory('mysqli', array('host' => $config['db']['host'], 'port' => $config['db']['port'], 'username' => $config['db']['username'], 'password' => $config['db']['password'], 'dbname' => $config['db']['dbname'], 'charset' => $config['db']['charset'])); $db->getConnection(); } catch (Zend_Db_Exception $e) { $errors[] = new XenForo_Phrase('source_database_connection_details_not_correct_x', array('error' => $e->getMessage())); } if ($errors) { return $errors; } try { $db->query(' SELECT userid FROM ' . $config['db']['prefix'] . 'users LIMIT 1 '); } catch (Zend_Db_Exception $e) { if ($config['db']['dbname'] === '') { $errors[] = new XenForo_Phrase('please_enter_database_name'); } else { $errors[] = new XenForo_Phrase('table_prefix_or_database_name_is_not_correct'); } } $config['noRatingsTable'] = false; try { $ratingsTableExists = $db->fetchOne(' SHOW TABLES LIKE ' . XenForo_Db::quoteLike($config['db']['prefix'] . 'ratings', '') . ' '); if (!$ratingsTableExists) { $config['noRatingsTable'] = true; } } catch (Zend_Db_Exception $e) { } return $errors; }
/** * Prepares conditions for searching admin templates. * * @param array $conditions * @param array $fetchOptions * * @return string SQL conditions */ public function prepareTemplateConditions(array $conditions, array &$fetchOptions) { $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['title'])) { if (is_array($conditions['title'])) { $sqlConditions[] = 'template.title LIKE ' . XenForo_Db::quoteLike($conditions['title'][0], $conditions['title'][1], $db); } else { $sqlConditions[] = 'template.title LIKE ' . XenForo_Db::quoteLike($conditions['title'], 'lr', $db); } } if (!empty($conditions['template'])) { if (is_array($conditions['template'])) { $sqlConditions[] = 'template.template LIKE ' . XenForo_Db::quoteLike($conditions['template'][0], $conditions['phrase_text'][1], $db); } else { $sqlConditions[] = 'template.template LIKE ' . XenForo_Db::quoteLike($conditions['template'], 'lr', $db); } } if (!empty($conditions['addon_id'])) { $sqlConditions[] = 'addon.addon_id = ' . $db->quote($conditions['addon_id']); } return $this->getConditionsForClause($sqlConditions); }
public function getBbCodeMediaSitesForAdminQuickSearch($searchText) { $quotedString = XenForo_Db::quoteLike($searchText, 'lr', $this->_getDb()); return $this->fetchAllKeyed(' SELECT * FROM xf_bb_code_media_site WHERE site_title LIKE ' . $quotedString . ' ORDER BY site_title', 'media_site_id'); }
/** * Get the specified style property definitions by their property names. * Does not include default property value. * * @param string $searchText * @param array $propertyNames * * @return array */ public function getStylePropertyDefinitionsForAdminQuickSearch($searchText, array $propertyNames) { $searchStringSql = 'CONVERT(property_name USING utf8) LIKE ' . XenForo_Db::quoteLike($searchText, 'lr'); if (!empty($propertyNames)) { $sqlConditions = '(' . $searchStringSql . ' OR property_name IN (' . $this->_getDb()->quote($propertyNames) . '))'; } else { $sqlConditions = $searchStringSql; } return $this->fetchAllKeyed(' SELECT * FROM xf_style_property_definition WHERE ' . $sqlConditions, 'property_name'); }
/** * Fetch feeds for ACP quick search based on title match * * @param string $searchText * * @return array */ public function getFeedsForAdminQuickSearch($searchText) { $quotedString = XenForo_Db::quoteLike($searchText, 'lr', $this->_getDb()); return $this->fetchAllKeyed(' SELECT * FROM xf_feed WHERE title LIKE ' . $quotedString . ' ORDER BY active, title', 'feed_id'); }
public function getUserUpgradesForAdminQuickSearch($searchText) { $quotedText = XenForo_Db::quoteLike($searchText, 'lr', $this->_getDb()); return $this->fetchAllKeyed(' SELECT * FROM xf_user_upgrade WHERE title LIKE ' . $quotedText . ' OR description LIKE ' . $quotedText . ' ORDER BY display_order', 'user_upgrade_id'); }
/** * Prepares a set of conditions to select users against. * * @param array $conditions List of conditions. (TODO: make list) * @param array $fetchOptions The fetch options that have been provided. May be edited if criteria requires. * * @return string Criteria as SQL for where clause */ public function prepareUserConditions(array $conditions, array &$fetchOptions) { $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['user_id'])) { if (is_array($conditions['user_id'])) { $sqlConditions[] = 'user.user_id IN(' . $db->quote($conditions['user_id']) . ')'; } else { $sqlConditions[] = 'user.user_id = ' . $db->quote($conditions['user_id']); } } if (!empty($conditions['username'])) { if (is_array($conditions['username'])) { $sqlConditions[] = 'user.username LIKE ' . XenForo_Db::quoteLike($conditions['username'][0], $conditions['username'][1], $db); } else { $sqlConditions[] = 'user.username LIKE ' . XenForo_Db::quoteLike($conditions['username'], 'lr', $db); } } // this is mainly for dynamically filtering a search that already matches user names if (!empty($conditions['username2'])) { if (is_array($conditions['username2'])) { $sqlConditions[] = 'user.username LIKE ' . XenForo_Db::quoteLike($conditions['username2'][0], $conditions['username2'][1], $db); } else { $sqlConditions[] = 'user.username LIKE ' . XenForo_Db::quoteLike($conditions['username2'], 'lr', $db); } } if (!empty($conditions['usernames']) && is_array($conditions['usernames'])) { $sqlConditions[] = 'user.username IN (' . $db->quote($conditions['usernames']) . ')'; } if (!empty($conditions['email'])) { if (is_array($conditions['email'])) { $sqlConditions[] = 'user.email LIKE ' . XenForo_Db::quoteLike($conditions['email'][0], $conditions['email'][1], $db); } else { $sqlConditions[] = 'user.email LIKE ' . XenForo_Db::quoteLike($conditions['email'], 'lr', $db); } } if (!empty($conditions['emails']) && is_array($conditions['emails'])) { $sqlConditions[] = 'user.email IN (' . $db->quote($conditions['emails']) . ')'; } if (!empty($conditions['no_empty_email'])) { $sqlConditions[] = "user.email <> ''"; } if (!empty($conditions['user_group_id'])) { if (is_array($conditions['user_group_id'])) { $sqlConditions[] = 'user.user_group_id IN (' . $db->quote($conditions['user_group_id']) . ')'; } else { $sqlConditions[] = 'user.user_group_id = ' . $db->quote($conditions['user_group_id']); } } if (isset($conditions['gender'])) { if (is_array($conditions['gender'])) { if ($conditions['gender']) { $sqlConditions[] = 'user.gender IN (' . $db->quote($conditions['gender']) . ')'; } } else { $sqlConditions[] = 'user.gender = ' . $db->quote($conditions['gender']); } } if (!empty($conditions['secondary_group_ids'])) { if (is_array($conditions['secondary_group_ids'])) { $groupConds = array(); foreach ($conditions['secondary_group_ids'] as $groupId) { $groupConds[] = 'FIND_IN_SET(' . $db->quote($groupId) . ', user.secondary_group_ids)'; } $sqlConditions[] = '(' . implode(' OR ', $groupConds) . ')'; } else { $sqlConditions[] = 'FIND_IN_SET(' . $db->quote($conditions['secondary_group_ids']) . ', user.secondary_group_ids)'; } } if (!empty($conditions['not_secondary_group_ids'])) { if (is_array($conditions['not_secondary_group_ids'])) { $groupConds = array(); foreach ($conditions['not_secondary_group_ids'] as $groupId) { $groupConds[] = 'FIND_IN_SET(' . $db->quote($groupId) . ', user.secondary_group_ids) = 0'; } $sqlConditions[] = '(' . implode(' AND ', $groupConds) . ')'; } else { $sqlConditions[] = 'FIND_IN_SET(' . $db->quote($conditions['not_secondary_group_ids']) . ', user.secondary_group_ids) = 0'; } } if (isset($conditions['no_secondary_group_ids'])) { if ($conditions['no_secondary_group_ids']) { $sqlConditions[] = "user.secondary_group_ids = ''"; } else { $sqlConditions[] = "user.secondary_group_ids <> ''"; } } if (!empty($conditions['last_activity']) && is_array($conditions['last_activity'])) { $sqlConditions[] = $this->getCutOffCondition("user.last_activity", $conditions['last_activity']); } if (!empty($conditions['active_recently'])) { if ($conditions['active_recently'] === true) { // general definition of recently active: 6 months $conditions['active_recently'] = 30 * 6 * 86400; } $sqlConditions[] = "user.last_activity > " . (XenForo_Application::$time - intval($conditions['active_recently'])); } if (!empty($conditions['register_date']) && is_array($conditions['register_date'])) { $sqlConditions[] = $this->getCutOffCondition("user.register_date", $conditions['register_date']); } if (!empty($conditions['message_count']) && is_array($conditions['message_count'])) { $sqlConditions[] = $this->getCutOffCondition("user.message_count", $conditions['message_count']); } if (!empty($conditions['like_count']) && is_array($conditions['like_count'])) { $sqlConditions[] = $this->getCutOffCondition("user.like_count", $conditions['like_count']); } if (!empty($conditions['trophy_points']) && is_array($conditions['trophy_points'])) { $sqlConditions[] = $this->getCutOffCondition("user.trophy_points", $conditions['trophy_points']); } if (!empty($conditions['user_state']) && $conditions['user_state'] !== 'any') { if (is_array($conditions['user_state'])) { $sqlConditions[] = 'user.user_state IN (' . $db->quote($conditions['user_state']) . ')'; } else { $sqlConditions[] = 'user.user_state = ' . $db->quote($conditions['user_state']); } } if (isset($conditions['is_admin'])) { $sqlConditions[] = 'user.is_admin = ' . ($conditions['is_admin'] ? 1 : 0); } if (isset($conditions['is_moderator'])) { $sqlConditions[] = 'user.is_moderator = ' . ($conditions['is_moderator'] ? 1 : 0); } if (isset($conditions['is_banned'])) { $sqlConditions[] = 'user.is_banned = ' . ($conditions['is_banned'] ? 1 : 0); } if (isset($conditions['is_staff'])) { $sqlConditions[] = 'user.is_staff = ' . ($conditions['is_staff'] ? 1 : 0); } if (isset($conditions['is_discouraged'])) { $this->addFetchOptionJoin($fetchOptions, self::FETCH_USER_OPTION); $sqlConditions[] = 'user_option.is_discouraged = ' . ($conditions['is_discouraged'] ? 1 : 0); } if (!empty($conditions['receive_admin_email'])) { $sqlConditions[] = 'user_option.receive_admin_email = 1'; $this->addFetchOptionJoin($fetchOptions, self::FETCH_USER_OPTION); } if (!empty($conditions['adminQuickSearch'])) { $quotedString = XenForo_Db::quoteLike($conditions['adminQuickSearch'], 'lr', $db); $sqlConditions[] = 'user.username LIKE ' . $quotedString . ' OR user.email LIKE ' . $quotedString; } // these are conditions, but implemented via fetch options as they need a bunch of joins if (!empty($conditions['customFields']) && empty($fetchOptions['customFields'])) { $fetchOptions['customFields'] = $conditions['customFields']; } if (!empty($conditions['customFieldsExact']) && empty($fetchOptions['customFieldsExact'])) { $fetchOptions['customFieldsExact'] = $conditions['customFieldsExact']; } return $this->getConditionsForClause($sqlConditions); }
public function prepareAlbumConditions(array $conditions, array &$fetchOptions) { $sqlConditions = array(); $db = $this->_getDb(); if (isset($conditions['album_id'])) { if (is_array($conditions['album_id'])) { $sqlConditions[] = 'album.album_id IN (' . $db->quote($conditions['album_id']) . ')'; } else { $sqlConditions[] = 'album.album_id = ' . $db->quote($conditions['album_id']); } } if (isset($conditions['user_id'])) { if (is_array($conditions['user_id'])) { $sqlConditions[] = 'album.user_id IN (' . $db->quote($conditions['user_id']) . ')'; } else { $sqlConditions[] = 'album.user_id = ' . $db->quote($conditions['user_id']); } } if (isset($conditions['collection_id'])) { if (is_array($conditions['collection_id'])) { $sqlConditions[] = 'album.collection_id IN (' . $db->quote($conditions['collection_id']) . ')'; } else { $sqlConditions[] = 'album.collection_id = ' . $db->quote($conditions['collection_id']); } } if (isset($conditions['category_id'])) { if (is_array($conditions['category_id'])) { $sqlConditions[] = 'album.category_id IN (' . $db->quote($conditions['category_id']) . ')'; } else { $sqlConditions[] = 'album.category_id = ' . $db->quote($conditions['category_id']); } } if (!empty($conditions['title'])) { if (is_array($conditions['title'])) { $sqlConditions[] = 'album.title IN (' . $db->quote($conditions['title']) . ')'; } else { $sqlConditions[] = 'album.title = ' . $db->quote($conditions['title']); } } if (isset($conditions['album_type'])) { if (is_array($conditions['album_type'])) { $sqlConditions[] = 'album.album_type IN (' . $db->quote($conditions['album_type']) . ')'; } else { $sqlConditions[] = 'album.album_type = ' . $db->quote($conditions['album_type']); } } if (!empty($conditions['album_state'])) { if (is_array($conditions['album_state'])) { $sqlConditions[] = 'album.album_state IN (' . $db->quote($conditions['album_state']) . ')'; } else { $sqlConditions[] = 'album.album_state = ' . $db->quote($conditions['album_state']); } } if (isset($conditions['album_location'])) { if (is_array($conditions['album_location'])) { $sqlConditions[] = 'album.album_location IN (' . $db->quote($conditions['album_location']) . ')'; } else { $sqlConditions[] = 'album.album_location = ' . $db->quote($conditions['album_location']); } } if (!empty($conditions['titleLike'])) { if (is_array($conditions['titleLike'])) { $sqlConditions[] = 'album.title LIKE ' . XenForo_Db::quoteLike($conditions['titleLike'][0], $conditions['titleLike'][1], $db); } else { $sqlConditions[] = 'album.title LIKE ' . XenForo_Db::quoteLike($conditions['titleLike'], 'lr', $db); } } if (!empty($conditions['cover_content_id']) && is_array($conditions['cover_content_id'])) { list($operator, $cutOff) = $conditions['cover_content_id']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.cover_content_id {$operator} " . $db->quote($cutOff); } if (!empty($conditions['content_count']) && is_array($conditions['content_count'])) { list($operator, $cutOff) = $conditions['content_count']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.content_count {$operator} " . $db->quote($cutOff); } if (!empty($conditions['photo_count']) && is_array($conditions['photo_count'])) { list($operator, $cutOff) = $conditions['photo_count']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.photo_count {$operator} " . $db->quote($cutOff); } if (isset($conditions['deleted']) || isset($conditions['moderated'])) { $sqlConditions[] = $this->prepareStateLimitFromConditions($conditions, 'album', 'album_state'); } if (!empty($conditions['likes']) && is_array($conditions['likes'])) { list($operator, $cutOff) = $conditions['likes']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.likes {$operator} " . $db->quote($cutOff); } if (!empty($conditions['view_count']) && is_array($conditions['view_count'])) { list($operator, $cutOff) = $conditions['view_count']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.view_count {$operator} " . $db->quote($cutOff); } if (!empty($conditions['comment_count']) && is_array($conditions['comment_count'])) { list($operator, $cutOff) = $conditions['comment_count']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.comment_count {$operator} " . $db->quote($cutOff); } if (!empty($conditions['album_date']) && is_array($conditions['album_date'])) { list($operator, $cutOff) = $conditions['album_date']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.album_date {$operator} " . $db->quote($cutOff); } if (!empty($conditions['album_updated_date']) && is_array($conditions['album_updated_date'])) { list($operator, $cutOff) = $conditions['album_updated_date']; $this->assertValidCutOffOperator($operator); $sqlConditions[] = "album.album_updated_date {$operator} " . $db->quote($cutOff); } return $this->getConditionsForClause($sqlConditions); }
public function prepareTokenConditions(array $conditions, array &$fetchOptions) { $sqlConditions = array(); $db = $this->_getDb(); foreach (array('token_id', 'client_id', 'expire_date', 'user_id') as $columnName) { if (!isset($conditions[$columnName])) { continue; } if (is_array($conditions[$columnName])) { if (!empty($conditions[$columnName])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "token.{$columnName} IN (" . $db->quote($conditions[$columnName]) . ")"; } } else { $sqlConditions[] = "token.{$columnName} = " . $db->quote($conditions[$columnName]); } } if (isset($conditions['token_text'])) { $sqlConditions[] = 'token.token_text = ' . $this->_getDb()->quote($conditions['token_text']); } if (isset($conditions['expired'])) { if ($conditions['expired']) { $sqlConditions[] = 'token.expire_date > 0'; $sqlConditions[] = 'token.expire_date < ' . XenForo_Application::$time; } else { $sqlConditions[] = 'token.expire_date = 0 OR token.expire_date > ' . XenForo_Application::$time; } } if (!empty($conditions['filter'])) { if (is_array($conditions['filter'])) { $filterQuoted = XenForo_Db::quoteLike($conditions['filter'][0], $conditions['filter'][1], $db); } else { $filterQuoted = XenForo_Db::quoteLike($conditions['filter'], 'lr', $db); } $sqlConditions[] = sprintf('token.token_text LIKE %1$s', $filterQuoted); } return $this->getConditionsForClause($sqlConditions); }
public function prepareClientConditions(array $conditions, array &$fetchOptions) { $sqlConditions = array(); $db = $this->_getDb(); foreach (array('client_id', 'user_id') as $columnName) { if (!isset($conditions[$columnName])) { continue; } if (is_array($conditions[$columnName])) { if (!empty($conditions[$columnName])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "client.{$columnName} IN (" . $db->quote($conditions[$columnName]) . ")"; } } else { $sqlConditions[] = "client.{$columnName} = " . $db->quote($conditions[$columnName]); } } if (!empty($conditions['filter'])) { if (is_array($conditions['filter'])) { $filterQuoted = XenForo_Db::quoteLike($conditions['filter'][0], $conditions['filter'][1], $db); } else { $filterQuoted = XenForo_Db::quoteLike($conditions['filter'], 'lr', $db); } $sqlConditions[] = sprintf('(client.name LIKE %1$s OR client.redirect_uri LIKE %1$s)', $filterQuoted); } return $this->getConditionsForClause($sqlConditions); }
/** * Return results for admin quick search * * @param string Keywords for which to search * * @return array */ public function getUserGroupsForAdminQuickSearch($searchText) { $likeString = XenForo_Db::quoteLike($searchText, 'lr', $this->_getDb()); return $this->fetchAllKeyed(' SELECT * FROM xf_user_group WHERE title LIKE ' . $likeString . ' OR user_title LIKE ' . $likeString . ' ORDER BY title ', 'user_group_id'); }
/** * Fetches smilies for admin quick search results * * @param string $searchText * * @return array */ public function getSmiliesForAdminQuickSearch($searchText) { $quotedText = XenForo_Db::quoteLike($searchText, 'lr', $this->_getDb()); return $this->fetchAllKeyed(' SELECT * FROM xf_smilie WHERE title LIKE ' . $quotedText . ' OR smilie_text LIKE ' . $quotedText, 'smilie_id'); }
public function getPhraseConditions() { return array('like' => XenForo_Db::quoteLike('admin_navigation_', 'r'), 'regex' => '/^admin_navigation_(.*)$/'); }
public function prepareLogConditions(array $conditions = array(), array $fetchOptions = array()) { $sqlConditions = array(); $db = $this->_getDb(); if (isset($conditions['log_id'])) { if (is_array($conditions['log_id'])) { if (!empty($conditions['log_id'])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "log.log_id IN (" . $db->quote($conditions['log_id']) . ")"; } } else { $sqlConditions[] = "log.log_id = " . $db->quote($conditions['log_id']); } } if (isset($conditions['client_id'])) { if (is_array($conditions['client_id'])) { if (!empty($conditions['client_id'])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "log.client_id IN (" . $db->quote($conditions['client_id']) . ")"; } } else { $sqlConditions[] = "log.client_id = " . $db->quote($conditions['client_id']); } } if (isset($conditions['user_id'])) { if (is_array($conditions['user_id'])) { if (!empty($conditions['user_id'])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "log.user_id IN (" . $db->quote($conditions['user_id']) . ")"; } } else { $sqlConditions[] = "log.user_id = " . $db->quote($conditions['user_id']); } } if (isset($conditions['ip_address'])) { if (is_array($conditions['ip_address'])) { if (!empty($conditions['ip_address'])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "log.ip_address IN (" . $db->quote($conditions['ip_address']) . ")"; } } else { $sqlConditions[] = "log.ip_address = " . $db->quote($conditions['ip_address']); } } if (isset($conditions['request_date'])) { if (is_array($conditions['request_date'])) { if (!empty($conditions['request_date'])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "log.request_date IN (" . $db->quote($conditions['request_date']) . ")"; } } else { $sqlConditions[] = "log.request_date = " . $db->quote($conditions['request_date']); } } if (isset($conditions['request_method'])) { if (is_array($conditions['request_method'])) { if (!empty($conditions['request_method'])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "log.request_method IN (" . $db->quote($conditions['request_method']) . ")"; } } else { $sqlConditions[] = "log.request_method = " . $db->quote($conditions['request_method']); } } if (isset($conditions['response_code'])) { if (is_array($conditions['response_code'])) { if (!empty($conditions['response_code'])) { // only use IN condition if the array is not empty (nasty!) $sqlConditions[] = "log.response_code IN (" . $db->quote($conditions['response_code']) . ")"; } } else { $sqlConditions[] = "log.response_code = " . $db->quote($conditions['response_code']); } } if (!empty($conditions['filter'])) { if (is_array($conditions['filter'])) { $filterQuoted = XenForo_Db::quoteLike($conditions['filter'][0], $conditions['filter'][1], $db); } else { $filterQuoted = XenForo_Db::quoteLike($conditions['filter'], 'lr', $db); } $sqlConditions[] = sprintf('(log.ip_address LIKE %1$s OR log.request_uri LIKE %1$s)', $filterQuoted); } return $this->getConditionsForClause($sqlConditions); }
/** * Get admin templates whose names contain the search text * * @param string $searchText * * @return array */ public function getAdminTemplatesForAdminQuickSearch($searchText) { return $this->fetchAllKeyed(' SELECT template_id, title, addon_id FROM xf_admin_template WHERE CONVERT(title USING utf8) LIKE ' . XenForo_Db::quoteLike($searchText, 'lr') . ' ', 'template_id'); }
public function countTagList($containing = null) { if ($containing && strlen($containing)) { $containingSql = "AND tag LIKE " . XenForo_Db::quoteLike($containing, 'lr'); } else { $containingSql = ''; } return $this->_getDb()->fetchOne("\r\n\t\t\tSELECT COUNT(*)\r\n\t\t\tFROM xf_tag\r\n\t\t\tWHERE 1=1 {$containingSql}\r\n\t\t"); }
/** * Prepares SQL conditions for fetching options * * @param array $conditions * @param array $fetchOptions * * @return string */ public function prepareOptionConditions(array $conditions, array $fetchOptions = array()) { $db = $this->_getDb(); $sqlConditions = array(); if (!empty($conditions['all'])) { $sqlConditions[] = '1=1'; } if (!empty($conditions['optionIds'])) { $sqlConditions[] = 'xf_option.option_id IN (' . $db->quote($conditions['optionIds']) . ')'; } if (!empty($conditions['addOnId'])) { $sqlConditions[] = 'xf_option.addon_id = ' . $db->quote($conditions['addOnId']); } if (!empty($conditions['adminQuickSearch'])) { $searchStringSql = 'CONVERT(xf_option.option_id USING utf8) LIKE ' . XenForo_Db::quoteLike($conditions['adminQuickSearch']['searchText'], 'lr'); if (!empty($conditions['adminQuickSearch']['phraseMatches'])) { $sqlConditions[] = '(' . $searchStringSql . ' OR CONVERT(xf_option.option_id USING utf8) IN (' . $db->quote($conditions['adminQuickSearch']['phraseMatches']) . '))'; } else { $sqlConditions[] = $searchStringSql; } } return $this->getConditionsForClause($sqlConditions); }
/** * Fetch phrases that contain $textSearch and have titles that match $titleConstraint * from either the specified language, or the viewing user's chosen language. * * @param string Text to find in phrase * @param string|array Either a string to be LIKE lr quoted, or an array containing 0 => search text including wild card, 1 => wild card character * @param integer Max results to return * @param integer|null Language in which to search * @param array Viewing user array * * @return array [title => text] */ public function getPhrasesMatchingSearchTextWithConstrainedTitles($textSearch, $titleConstraint, $maxResults = 5, $languageId = null, array $viewingUser = null) { if (is_null($languageId)) { $viewingUser = $this->standardizeViewingUserReference($viewingUser); $languageId = $viewingUser['language_id']; if (!$languageId) { $languageId = XenForo_Application::get('options')->defaultLanguageId; } } $db = $this->_getDb(); if (is_array($titleConstraint)) { $titleConstraint = XenForo_Db::quoteLike($titleConstraint[0], $titleConstraint[1], $db); } else { $titleConstraint = XenForo_Db::quoteLike($titleConstraint, 'lr', $db); } return $db->fetchPairs($this->limitQueryResults(' SELECT title, phrase_text FROM xf_phrase_compiled WHERE language_id = ? AND phrase_text LIKE ' . XenForo_Db::quoteLike($textSearch, 'lr', $db) . ' AND title LIKE ' . $titleConstraint . ' ', $maxResults), $languageId); }